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DETAILED ACTION 

This action is in response to Applicant's amendment and Continued Prosecution 
Application filed on May 2, 2001 . Claims 1 , 3-5, 7-1 5, and 1 7-49 are presented for 
further examination. Claims 34-49 are new claims. Note that the new claims numbered 
by applicant as claims 33-48 have been re-numbered as claims 34-49 to comply with 35 
USC 1.126. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

1. Claims 1, 3, 7, 8, 14, 15, 17, 20-22, and 28-49 are rejected under 35 
U.S.C. 102(b) as being anticipated by Wobber et al. (U.S. Patent No. 5,235,642, 
hereinafter "Wobber"). 

In considering claims 1, 15, and 31, Wobber discloses a system for a computer- 
implemented method, comprising: 

means for checking a first memory (local cache 164) to determine if a user has 
previously accessed a requested resource on a computer network without performing a 
file open procedure upon a file which are stored any access permissions of users for 
access to the resource (col. 7, lines 32-36), upon receipt of an indication from the user 
to access the resource (col. 7, lines 22-24); and 
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providing the user with access to the resource if the first memory indicates that 
the user has previously accessed the resource (col. 8, lines 31-35). 
See also, the Abstract and Summary of the invention. 

In considering claims 3 and 17, Wobber further discloses that the user is 
represented in the first memory by a token (Auth ID, col. 7, lines 34-38). 

In considering claims 7 and 21, Wobber further discloses that the resource is a 
file (col. 4, line 21). 

In considering claims 8 and 22, Wobber further discloses that the resource is a 
volume of files (col. 4, line 21). 

In considering claims 14 and 28, Wobber further discloses the request from the 
user indicating an operation to perform with respect to the resource (i.e. access the 
resource), and further comprising: 

checking the first memory (local cache 164) to determine if the user may perform 
the operation with respect to the resource (col. 7, lines 34-36); 

checking a second memory (local cache 160) to determine if the user may 
perform the operation with respect to the resource if the first memory does not indicate 
that the user may perform the operation with respect to the resource (col. 7, lines 39-40, 
44-45, 48-52); 
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providing the user with access to the resource if the second memory indicates 
that the user may perform the operation with respect to the resource (col. 7, lines 50- 
60); and 

storing information in the first memory indicating that the user may perform the 
operation with respect to the resource if, after checking the second memory, the second 
memory indicates that the user may perform the operation with respect to the resource 
(col. 7, lines 58-63). 

In considering claim 20, Wobber further discloses authorizing the user by 
checking a password (Auth ID) provided by the user; associating the token (Principal ID) 
with the user after authorizing the user; and using the token to check the first memory 
(col. 8, lines 1-30; col. 7, lines 55-62). 

In considering claims 29 and 30, Wobber further discloses: 

checking a second memory to determine if the user may access the resource if 
the first memory does not indicate that the user has previously accessed the resource 
(col. 7, lines 39-40, 44-45, 48-52); 

providing the user with access to the resource if the second memory indicates 
that the user may access the requested resource (col. 7, lines 50-60); and 

storing information in the first memory indicating that the user may access the 
resource if, after checking the second memory, the second memory indicates that the 
user may access the requested resource (col. 7, lines 58-63). 
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In considering claim 32, Wobber further discloses performing a file open 
procedure upon the file in which are stored any access permissions of users for access 
to the requested resource to determine if the requesting user may access the requested 
resource if the memory does not indicate that the requesting user has previously 
accessed the requested resource (col. 7, line 64 - col. 8, line 22); and 

providing the requesting user with access to the requested resource if the 
requested resource indicates that the requesting user may access the requested 
resource (col. 8, lines 23-30). 

In considering claim 33, Wobber further discloses storing information in the 
memory indicating that the user has previously accessed the requested resource (col. 8, 
lines 22-30). 

In considering claim 34, Wobber further discloses prior to checking the memory, 
performing a preliminary memory check to determine of the requesting use has 
previously accessed the computer network (col. 4, lines 37-65). 

In considering claim 35, Wobber further discloses a machine-readable program 
storage device embodying instructions executable by a computer to perform a method 
for providing access to a plurality of resources to a plurality of requesting users wherein 
access to each said resource is controlled by a network server having a network 
memory, the method comprising: 
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receiving at the network server a resource request to access a requested 
resource of said plurality of resources from one said requesting user (col. 4, lines 9-30), 
wherein: 

the network memory has stored therein which of said plurality of 
requesting users had accessed which of said plurality of resources (col. 7, lines 
34-36); and 

an access file has stored therein any access permissions of any users for 
access to the requested resource (col. 7, line 64 - col. 8, line 22); 
without opening the access file, checking the network memory to determine if the 

requesting user had accessed the requested resource (col. 7, lines 34-36); and 
if the requesting user had accessed the requested resource, opening the 

requested resource to provide access to the requesting user (col. 8, lines 31-35). 

In considering claim 36, Wobber further discloses when the requesting user had 
not previously accessed the requested resource: 

opening the access file; checking the access file to determine if the requesting 
user may have access to the requested resource; and if the check is affirmative, then 
providing said access (col. 7, line 64 - col. 8, line 22). 

In considering claim 37, Wobber discloses a resource access system comprising: 
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a network, including a plurality of resources, for transmitting a resource request 
from a network user with access to the network for access to a requested resource of 
said plurality of resources (col. 4, lines 9-30); and 

a network server (node 102-1), in communication with the network, for: 
receiving the resource request (col. 7, lines 22-24); 
checking, without opening any of said plurality of resources, whether the 
network user's resource request had been previously granted (col. 7, lines 34- 
36); and 

granting said access if the check is affirmative (col. 8, lines 31-34). 

In considering claim 38, Wobber further discloses that granting said access 
further comprises opening the requested resource for the network user to have said 
access to the requested resource (col. 8, lines 34-35). 

In considering claim 39, Wobber discloses a program for a resource access 
system, the program being embodied on a computer-readable medium and executed on 
a server that provides access to resources on a network, the program comprising: a 
code segment to receive a resource request for access to one said resource from a 
user having access to the network (col. 7, lines 22-24); 

a code segment to check, without opening any of said resources on the network, 
whether the user had previously been granted access to the requested resource (col. 7, 
lines 34-36; and 
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a code segment to grant said access if the check is affirmative (col. 8, lines 31- 

35). 

In considering claim 40, Wobber further discloses a code segment to open the 
requested resource for the user of the network to have said access to the requested 
resource if the check is affirmative (col. 8, lines 34-35). 

In considering claim 41 , Wobber discloses a method for controlling access to a 
requested resource on a computer network by a requesting user, the method 
comprising: 

checking a first memory, without opening the requested resource, to determine if 
the requesting user has previously accessed the network (col. 7, lines 34-36); and 
if the requesting user has previously accessed the network: 

providing the requesting user with access to the network (col. 8, lines 31- 

35); 

checking a second memory, without opening the requested resource, to 
determine if the requesting user has previously accessed the requested resource (col. 
7, lines 48-52); 

if the requesting user has previously accessed the requested resource then 
providing the requesting user with access to the requested resource (col. 7, lines 52- 
63); and 
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if the requesting user has not previously accessed the requested resource then 
opening the requested resource to determine if the requesting user may access the 
requested resource and if the requested resource indicates that the requesting user 
may access the requested resource then providing the requesting user with access to 
the requested resource (col. 7, line 64 - col. 8, line 22). 

In considering claim 42, Wobber further discloses a resource access 
determination method comprising: receiving a request for an access to a resource from 
a user having had said access; and deciding the request without opening the resource 
or contacting the user (col. 7, lines 22-24, 30-38; col. 8, lines 31-35). 

In considering claim 43, Wobber discloses, prior to said receiving: receiving a 
request for an access to the resource from the user who had not previously accessed 
the resource; and obtaining any access privileges to the resource of the user without 
contacting the user (col. 7, line 64 - col. 8, line 22; col. 8, lines 38-44). 

In considering claim 44, Wobber discloses a resource access determination 
method comprising: 

receiving an initial request for an access to a resource from a user, and obtaining 
an access privilege of the user to the resource without contacting the user (col. 7, line 
64 - col. 8, line 22; col. 8, lines 38-44); and 
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if the user had the access privilege to the resource: granting the initial request; 
receiving subsequent requests for subsequent accesses to the resource from the user; 
and granting each said subsequent request without: opening the resource; or contacting 
the user (col. 7, lines 22-38; col. 8, lines 31-35). 

In considering claim 45, Wobber further discloses that granting the initial request 
further comprises caching the result of said obtaining said access privilege of the user 
to the resource (col. 8, lines 23-30); and 

granting each said subsequent request further comprises comparing each said 
subsequent request with said cached result of said obtaining said access privilege of 
the user to the resource (col. 7, lines 34-48). 

In considering claim 46, Wobber discloses a resource access determination 
method comprising: receiving a request for an access to a resource from a user having 
had said access; and deciding the request prior to contacting the user and without 
opening the resource (col. 7, lines 22-38; col. 8, lines 31-35). 

In considering claim 47, Wobber discloses in a system where resources are 
protected by access checks that are performed to confirm that a user meets any 
requirements for access to a particular resource, and where an access check is 
performed the first time that the user requests access to the particular resource to 
confirm that the user meets any requirements for access to the particular resource, a 
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method for determining whether the user should have access to the particular resource 
(col. 4, lines 9-30; col. 8, lines 1-22), the method comprising: 

receiving a request from a user for access to a resource; checking the results of 
previous access request checks to determine if the user has previously been allowed 
access to the resource; if the user has previously been allowed access to the resource, 
then allowing access to the resource without performing an access check (col. 7, lines 
22-38; col. 8, lines 31-35). 

In considering claim 48, Wobber further discloses that the results of previous 
access request checks are cached in a cache (col. 8, lines 23-30). 

In considering claim 49, Wobber discloses in a system where resources are 
protected by access checks that are performed to confirm that a user meets any 
requirements for access to a particular resource, where the requirements for each user 
to access each resource are stored in an access file, where an access check is 
performed the first time that the user requests access to the particular resource to 
confirm that the user meets any requirements for access to the particular resource, and 
where the access check that is performed the first time that the user requests access to 
the particular resource includes performing a file opening procedure upon the access 
file to determine the requirements for the user to access the particular resource (col. 7, 
line 64 - col. 8, line 22), a method for determining whether the user should have access 
to the particular resource, the method comprising: 
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receiving a request from a user for access to a resource (col. 7, lines 22-24); 

checking the results of previous access request checks, without opening the 
access file, to determine if the user has previously been allowed access to the resource 
(col. 7, lines 34-36); and 

if the user has previously been allowed access to the resource, then allowing 
access to the resource without performing an access check (col. 8, lines 31-35). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 9-13, and 23-27 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wobber, in view of what was well known in the art at the time the 
invention was made. 

In considering claims 9 and 23, Wobber fails to explicitly disclose that the 
resource is a memory device (see col. 4, lines 21-24). However, Examiner takes official 
notice that it is well known for networking systems to control access to memory devices, 
as well as for software objects. Thus, it would have been obvious to a person having 
ordinary skill in the art to use the access control system taught by Wobber for 



Application/Control Number: 09/224,918 Page 13 

Art Unit: 2153 

networked memory devices in order to speed up the authorization process for access 
requests made to such memory devices. 

In considering claims 10 and 24, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to explicitly disclose 
storing of the information in the first memory comprising overwriting other information 
associated with the resource in the first memory. Nonetheless, Examiner takes official 
notice that it is well known in a network resource access system that authentication 
information is often changed and can thus be overwritten. One reason to change 
authentication information is to prevent tampering of the protected resources. 
Therefore, given the likelihood of tampering, it would have been obvious to a person 
having ordinary skill in the art to overwrite the token (Auth ID) taught by Wobber with a 
new token submitted from the user to help prevent security breaches. 

In considering claims 11 and 25, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to disclose writing a token 
for the user in the first memory over another token for another user that had last 
previous access to the resource. Nonetheless, Examiner takes official notice that 
overwriting information related to access rights in a network system is well known. 
Examiner takes further official notice that overwriting of data in a cache according to a 
least-recently-used algorithm is well known. Thus, given these well known network 
access functions, it would have been obvious to a person having ordinary skill in the art 
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to include the step of overwriting the least-recently-used tokens in the token cache in 
the system taught by Wobber, in order to open up storage space in the token cache in 
case the memory has become full. 

In considering claims 12 and 26, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to disclose removing 
indications from the first memory allowing access to the resource if the resource is 
altered. Wobber instead proposes a time stamp for removing validity of the access 
rights from the cache (col. 6, lines 21-22). Nonetheless, Examiner takes official notice 
that removing user access rights to a network resource when the resource is altered is 
well known. Thus, it would have been obvious to a person having ordinary skill in the 
art to remove user access rights to the resources taught by Wobber when the resource 
is altered, in case the altered resource includes classified information which should not 
be viewed by current users. 

In considering claims 13 and 27, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to disclose removing 
indications from the first memory allowing access to the resource if rights to the user are 
altered. Wobber instead proposes a time stamp for removing validity of the access 
rights from the cache (col. 6, lines 21-22). Nonetheless, Examiner takes official notice 
that altering user access privileges to a resource in a network is well known. Thus, it 
would have been obvious to a person having ordinary skill in the art to remove 
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indications allowing access to the resource for users whose access rights have 
changed, so that users who have acted irresponsibly and who should no longer have 
access to the resources can be prevented from accessing the resources. 

3. Claims 4, 5, 18, and 19 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Wobber, in view of Carlson et al. (U.S. Patent No. 5,506,961 , 
hereinafter "Carlson"). 

In considering claims 4, 5, 18, and 19, although the system taught by Wobber 
discloses substantial features of the claimed invention, it fails to disclose that the token 
also represents anonymous users and/or a plurality of other users. Nonetheless, it is 
well known for multiple users of a networked system to maintain the same tokens (thus 
remaining anonymous) for user access to a resource, as evidenced by Carlson. In a 
similar art, Carlson teaches an access rights system that uses tokens to signify access 
rights of users to a network, wherein single tokens can identify a group of users (thus 
rendering the users anonymous; col. 8, line 63 - col. 9, line 5). Thus, given the 
teaching of Carlson, a person having ordinary skill in the art would have readily 
recognized the desirability of representing multiple users with the same anonymous 
token to decrease the number of entries and amount of data in the cache, thus 
speeding up the cache look-up time. Therefore, it would have been obvious to 
represent a plurality of users in the system taught by Wobber with the same token, as 
suggested by Carlson. 



• 
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Response to Arguments 



Applicant's arguments with respect to the claims have been considered but are 
moot in view of the new ground(s) of rejection. 



The prior art made of record but not relied upon is considered pertinent to 
Applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bradley Edelman whose telephone number is (703) 306- 
3041 . The examiner can normally be reached on Monday to Friday from 8:30 AM to 
5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glen Burgess, can be reached on (703) 305-4792. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 305-7201. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 308- 
3900. 



Conclusion 




DungC. Dinh 
Primary Examiner 



BE 

July 24, 2001 



